Re: Cisco Remote access anyconnect VPN

vishaw jasrotia · ‎03-24-2020

Hi

We are facing some anyconnect connection failures in our setup. Need some technical guide where I can get the detils of communication from session build to session terminate between anyconnect client and server.

Or any expert pl explain the details over the reply.

This will help me in troubleshooting.

Thanks

Rob Ingram · ‎03-24-2020

Hi,
If using SSL/TLS then communication will be using tcp/443 (SSL/TLS) and udp/443 (DTLS) from client to ASA/FTD to establish a tunnel.
If using IPSec, then you will be using udp/500, esp and potentially udp/4500 from client to ASA/FTD to establish a tunnel.

HTH

vishaw jasrotia · ‎03-24-2020

Thanks for reply. Yes we are using ssl/tls over tcp 443.
I need complete process details type of exachage and more.

Rob Ingram · ‎03-24-2020

The AnyConnect client will build 3 tunnels: Parent, SSL and DTLS. Parent/SSL uses tcp/443, initial connection is the tcp 3 way handshake followed by SSL/TLS handshake. The DTLS tunnel (if enabled) uses udp/443, is formed at the end of the connection (after SSL//TLS) and is used for data transfer over the VPN.

The DTLS tunnel is used to avoid latency and bandwidth problems associated with some SSL connections and improves the performance of real-time applications that are sensitive to packet delay. It's optional, if it's not enabled then data is transferred used SSL/TLS instead. DTLS provides the best performance.

Do you actually have an issue you need help with troubleshooting?